Testing further, the newer versions of pam_mkhomedir module honours
the umask set in /etc/login.defs. So this has already been made consistent
across tools (useradd & so on). So the problem only exists in Jammy & older
Ubuntu releases.
pam_mkhomedir
The relevant part in /etc/login.defs (from Noble):
```
# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
# home directories.
# If HOME_MODE is not set, the value of UMASK is used to create the mode.
HOME_MODE 0750
```
This HOME_MODE is a recent addition and doesn't exist in Jammy or older.
pam_mkhomedir module honours this now. But anything specified in the "argv"
will override
and will work exactly in the same way.
This was done through the change:
```
pam_mkhomedir: use HOME_MODE or UMASK from /etc/login.defs.
Follow the example of useradd(8) and set the user home directory mode
to the value of HOME_MODE or UMASK configuration item from
/etc/login.defs when umask option is not specified.
```
However, to not have HOME's umask in too many places, I think it's
better to have Plucky change reverted so that there's one less config
file with umask.
To be clear, there's no problem as such with:
https://git.launchpad.net/ubuntu/+source/pam/commit/?id=c576b5c19abb383ce53dfc10a986d7cf164eaeaf
but I am of the opinion having less one source is better. Besides, Plucky was
unaffected by this
issue due to HOME_MODE's existence now.
So I believe the correct approach is to SRU the fix only for older releases
(Jammy & Focal).
To that end, I request Alex to revert the Plucky merge. Sorry Alex, I should
have checked the
newer releases for any potential fixes before proposing mine! Hopefully, it's a
straightforward revert.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957024
Title:
pam-mkhomedir does not honor private home directories
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1957024/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
